I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange
Orlando, FL
Joined November 2008
- Tweets 19,311
- Following 237
- Followers 13,672
- Likes 12
That’s why it’s so hard for people to share images in many cases. I don’t have a good solution for this.
1
Just a reminder that I’m always on the lookout for compromised Linux images that I can use for labs in my Linux Forensics training! Please RT for reach...thanks!
2
40
1
34
Got an email asking about my Linux Forensics class. Just a reminder I will be rolling the class out at Kernelcon March 25 and 26! kernelcon.org/agenda#trainin…
3
1
7
Hal Pomeranz retweeted
10% of every class at @WWHackinFest will go to the open source projects covered in the classes. Just our way of giving back to the Open Source community through the classes we offer.
wildwesthackinfest.com/now/t…
20
3
75
Hal Pomeranz retweeted
When you get up to #present, do you think to yourself “I hope it goes well?” 💭
This implies that something could go wrong....
Instead, think “I want to enjoy myself”. 😄
This slight shift in mindset will help you to relax and have more fun.
#publicspeakingtip #publicspeaking
2
5
1
25
Hal Pomeranz retweeted
Mark your calendars!
The 8th annual @BSidesNOLA
Conference will be on Saturday, October 24th in the historic New Orleans French Quarter!
Questions? Ping: @vicomarziale
@cliffb_infosec @jtsylve @attrc
#DFIR #infosec
2
20
4
26
Congrats to you! Well done!
Thanks to the genuinely amazing @hal_pomeranz & his brilliant instruction, I managed to pass the #GIAC GCUX exam today. Genuinely surprised that I managed to get 89.3% as well! If you want to learn more about Unix magic, this is the course @SANSEMEA @CertifyGIAC
2
What are you especially looking forward to this weekend? Got nothing? Plan something! You work to live, not live to work.
2
5
Hal Pomeranz retweeted
MAX CAPACITY | Cyber Threat Hunting Training
We have hit our max (5,000 attendees) for Saturday's training - so we are launching another free session for April w/ @strandjs
Sat, April 4, 2020 | 11am-5pm EST
Register (April Session): attendee.gotowebinar.com/reg…
2
40
14
61
Hal Pomeranz retweeted
The Call for Presentations for SANS #DFIRSummit is NOW OPEN! Share lessons learned or best practices from all aspects of the fields of digital forensics and incident response with the community! Submit here: sans.org/u/YDc #IR #DFIR
9
6
Hal Pomeranz retweeted
Awesome Forensics Resources : Almost 300 open source forensics tools and 600 blog posts about forensics &1000+ Github Repos about Security Resource Collection : github.com/alphaSeclab/aweso…
1
283
695
Hal Pomeranz retweeted
This. Stop the insanity. Disabling PowerShell is not going to make you secure. It's going to push attackers down a path where you have limited/zero visibility. Follow Lee's guidance below. Keep a powerful tool and get great visibility into how it's used.
Despite listing over 60 hashes of EXEs and DLLs in their Iran cyber briefings, threat intel organizations that recommend disabling PowerShell are hard to take seriously. That advice is simply not actionable. This is.
4
9
“vol.py ... malfind | grep -B4 MZ | grep Process” is one of my faves for quickly pulling out processes with injected PE sections
1
4
1
20
Hal Pomeranz retweeted
#DFIR Tip!
The -A, -B and -C flags to grep are *VERY* handy when searching strings files
with -A <#> it will show you # number of lines after a hit on your search pattern
-B <#> shows number of lines before
-C <#> which stands for context, will show # lines before&after
2
20
1
50
So far I'm really liking AVML (github.com/microsoft/avml) for Linux memory acquisition. Outputs LiME format, static binary. Thanks @sibertor for the pointer!
2
12
1
19